Hi,
I am using squid 3.0 STABLE20 on RHEL5 in conjunction with shorewall
4.4.4-1. I am using squid in non-transparent proxy mode. Currently I m
working like this:
Shorewall & squid are installed on same box. Shorewall is listening on
this box on local interface and forwarding all http (port 80) traffic to
squid-port (3128). since squid is running in non-transparent mode, I've
set all client browsers with this proxy's address & port. Now i've two
questions that might only be performance issue or may be i m doing some
extra work here: I am using this because I need to process all other
traffic (ftp / ssh / gopher / https) through shorewall. Only port 80
traffic shud go to squid.
1. When squid is running in non-transparent mode and client browsers are
set with proxy address & port, is it necessary to still redirect port 80
traffic to squid through shorewall? Should not all clients automatically
communicate with squid on that address & port?
2. Does squid dorectly listen to traffic sent to it from client browsers
or it needs the traffic redirected to it by another software like
iptables / shhorewall?
I am confused b/w two scenarios what approach should be taken? Further,
how can i send https traffic to squid as well for filtering.
--
Regards,
Asim Ahmed Khan
IT Manager,
Folio3 (Pvt.) Ltd. www.folio3.com
Direct: 92-21-4323721-4 Ext 110
Email: aahmed@xxxxxxxxxx
